SharePoint 2013 permissions for each user
I am working on my own SharePoint 2013 test site and I need to grant permission to the test accounts. I want to make certain the 3 test accounts can not see the lists, files, and workflows that the other users created.
Do I need to grant permission at the site level, user level, custom list level, for each workflow, and/or for each custom form? Do I invite each user and/or 'share' with each user? Can you tell me and/or point me to a source that will tell me what level
of permission I need and how to grant this type of permission?
Wendy,
In sharepoint, you can grant permission at any level you want. That permission will carry forward by default until someone break them and configure unique permission.
In ideal case, we recommend to use share security group to grant permission and not grant to individual user. Also try to restrict 2 default site group (Owner/member/viewer) as much possible, but in reality ppl break these rule often and eventually end up
with maintenance overhead.
I will recommenced you and everyone to go through this nice ppt which clears sharepoint permission idea in our mind.
Here you go - SharePoint
Permissions Worst Practices
Please 'propose as answer' if it helped you, also 'vote helpful' if you like this reply.
Similar Messages
-
Accessing Sharepoint 2013 externally for domain users and customers
Just an FYI I am not a SP administrator by any means but have be tasked with taking over this project and could use some assistance.
Sharepoint 2013 is working fine internally. Users access the site and login with their domain credentials. Our client is moving one of their departments to another building down the street and we'd like them to be able to access local resources without the
use of another server or site to site vpn or standard vpn.
My question is, how do we make Sharepoint accessible outside of their local network?
If we open up a port on the router and have it forward all request to Sharepoint server will we be able to access it?
Also, how will they authenticating with the Sharepoint Server? Do they use the same user credentials?
I forgot to mention this is Sharepoint 2013 Enterprise Edition. We are also using Project Server 2013 as well.
Thanks in AdvanceHi 3s1k,
According to your description, my understanding is that you want to access the SharePoint site from Internet.
You need to first ensure that you enable Anonymous Access for your web application. You'll then need to set up DNS for the domain you own to point to your web front end server (or virtual IP if it's load balanced). Then set up the appropraite IIS bindings
for the web application, and finally you'll need to extend your web application to an Internet Zone and give it the appropriate domain name.
There are some similar posts for your reference:
https://social.technet.microsoft.com/Forums/en-US/2277d710-ed05-4613-bd66-fd12e4d64b61/sharepoint-intranet-site?forum=sharepointadminprevious
https://social.technet.microsoft.com/Forums/sharepoint/en-US/fd968a08-393b-41c0-a916-c48ce0f83104/configure-sharepoint-2013-for-accessing-over-internet?forum=sharepointadmin
http://sharepoint.stackexchange.com/questions/54315/sharepoint-2013-extranet-acces-outside-the-internal-network
Best Regards,
Wendy
Wendy Li
TechNet Community Support -
SharePoint: Workflow to retrieve all users and Create list item record for each user
Hi all,
My share point site have two Lists as Holidays and MyCalender.
Actually Holiday is simple non-Calender list with field as Holiday Date, Reason. MyCalender List Calender type list with Person Look-up column and user can see his own record. User of Manager group will declare holiday. This Holiday should get reflected
on each user 's MyCalender List.[One listitem as holiday date and reason for each user] so everyone can view that record.
I have requirement as Manager will create one Holiday record and then run single workflow so for all users present in SharePoint Site, one MyCalender List Item record should get created. Is it possible to do using Workflow?? Please help as I didn't get any
solution for this.. Thanks in advance!You don't need one workflow per user when a filtered view can do this for you. If the manager's list is the parent calendar, I'm assuming that he'll be at least using the person look-up column.
Whether this feeds through the MyCalendar or stays where it is, you can use the [Me] parameter within the filter on a new view. This will then return the assigned holiday filtering against the account that is logged in.
Steven Andrews
SharePoint Business Analyst: LiveNation Entertainment
Blog: baron72.wordpress.com
Twitter: Follow @backpackerd00d
My Wiki Articles:
CodePlex Corner Series
Please remember to mark your question as "answered" if this solves (or helps) your problem. -
Restore using Time Machine to new hard drive, but last "full" backup was in 2012. How do I restore the rest of the Time Machine backups, particularily IPHOTO libraries for each user?
I entered Iphoto for my user and only photo up until 2012 were in the library. I thought the restore would do the incremental Time Machine backups too.....
Running 10.8.2It usually means you are running Mavericks but have an earlier version of iPhoto. Open the App Store and upgrade your version of iPhoto to the Mavericks version.
The iWork apps are free with a new iOS device since 1 SEP 2013. They are free with a new Mac since 1 OCT 2013. They are also free with the upgrade to OS X Mavericks 10.9 if you had the previous version installed when you upgraded.The iWork apps are free with a new iOS device since 1 SEP 2013. They are free with a new Mac since 1 OCT 2013. They are also free with the upgrade to OS X Mavericks 10.9 if you had the previous version installed when you upgraded.
iWork and iLife for Mac come free with every new Mac purchase. Existing users running Mavericks can update their apps for free from the Mac App Store℠. iWork and iLife for iOS are available for free from the App Store℠ for any new device running iOS 7, and are also available as free updates for existing users. GarageBand for Mac and iOS are free for all OS X Mavericks and iOS 7 users. Additional GarageBand instruments and sounds are available for a one-time in-app purchase of $4.99 for each platform. -
Password security - set permissions for different users
I am using Abobe Acrobat 9 Pro.
In the HELP menu, there is a security section in the contents, In the overview, it states the following:
"Each security method offers a different set of benefits. However, they all allow you to specify encryption algorithms, select the document components to encrypt, and set permissions for different users."
I would like to know how you can set permissions for different users using Password Security.
I am the only one in the company who has Acrobat 9 Pro and all others have Adobe Reader 8.
I have created a PDF file in Acrobat 9, this file is accessible to anyone with Abobe Reader. I would like to set different permissions for different users. For example, i would like certain individuals to print the document and other individuals to not be allowed to print. Can this be acheived using Password Security?
Many ThanksI have created a PDF file in Acrobat 9, this file is accessible to
anyone with Abobe Reader. I would like to set different permissions for
different users. For example, i would like certain individuals to print
the document and other individuals to not be allowed to print. Can this
be acheived using Password Security?
No. -
Whate would be necessary hardware requirement for installation of SP 2013 Enterprise for 3000+ Users. kindly share MS Article on this.
Hi,
In addition, here is the reference for Sizing and Capacity Planning for SharePoint 2013 :
http://blogs.msdn.com/b/sanjaynarang/archive/2013/04/06/sizing-and-capacity-planning-for-sharepoint-2013-resources.aspx
Regards,
Rebecca Tu
TechNet Community Support -
Hello!
I want to limit bandwidth to users. Each user must have own speed. For each user I define class-map and policy-map. But I have many users (above 500), but class-map limits 256 :(. How I can resolve my problem?
My config for only 2 users:
ip access-list extended u_2175_a
permit ip any 10.10.10.1 0.0.0.0
class-map u_2175
match access-group name u_2175_a
ip access-list extended u_2204_a
permit ip any 10.10.10.2 0.0.0.0
class-map u_2204
match access-group name u_2204_a
policy-map UNLIM_USERS
class u_2175
shape peak 256000
class u_2204
shape peak 512000
Policy UNLIM_USERS applies to interface.
Cisco 7200 NPE G2You can resolve your issues through enable intelligent traffic control to condition or applications for traffic rate limiting ie NBAR and Rate-limiting / CAR:
You can designate CAR rate-limiting policies based on physical port, packet classification, IP address, MAC address, application flow, and other criteria specifiable by access lists or extended access lists. CAR rate limits may be implemented either on input or output interfaces or subinterfaces including Frame Relay and ATM subinterfaces.
An example of use of CAR's rate-limiting capability is application-based rates limiting HTTP World Wide Web traffic to 50 percent of link bandwidth, which ensures capacity for non-Web traffic including mission-critical applications -
Create a dynamic attribute for each user
Hi All,
I request you all to let me know how to give an approach to the following requirement.
REQUIREMENT: I have to create a dynamic attribute in UME for each user and the read the attribute on lead selection of a table having list of Users.
On lead selection, the dynamic attribute value should be either true or false. Based on this value the rest of the application specific operations wil be taken care.
If a particular User does not have the dynamic attribute associated to it, then we need to create the same.
Looking forwarrd for your help.
Regards
Dipendra//@@begin javadoc:UMSavePropertiesByNode()
/** Declared method. */
//@@end
public boolean UMSavePropertiesByNode( )
//@@begin UMSavePropertiesByNode()
try {
if (wdContext.currentUserDataElement().getVaIUserMaint().setAttribute("com.sap.security.core.usermanagement", this.getUMPropertyName(null) + ".TableColumns", this.getPropertiesByNode())) {
wdContext.currentUserDataElement().getVaIUserMaint().save();
wdContext.currentUserDataElement().getVaIUserMaint().commit();
msg.reportMessage(IMessageTableUtilsComponent.UMPROPERTY__SAVE__FIELDS__SUCCESS, null, false);
} catch (UMException ex) {
wdContext.currentUserDataElement().getVaIUserMaint().rollback();
msg.reportMessage(IMessageTableUtilsComponent.UMPROPERTY__SAVE__FIELDS__ERROR, null, false);
return false;
return true;
//@@end
//@@begin javadoc:UMLoadFieldsProperties()
/** Declared method. */
//@@end
public petrobras.com.br.classes.FieldsTable UMLoadFieldsProperties( petrobras.com.br.classes.FieldsTable fields )
//@@begin UMLoadFieldsProperties()
String properties[] = wdContext.currentUserDataElement().getVaIUserMaint().getAttribute("com.sap.security.core.usermanagement", this.getUMPropertyName(null) + ".TableColumns");
if (Compare.getLenght(properties) > 0) {
//msg.reportWarning("[UMLoadFieldsProperties]: properties.length = " + properties.length);
for (int i = 0; i < properties.length; i++) {
int attrPos = Integer.parseInt(properties<i>.substring(properties<i>.indexOf("(") + 1, properties<i>.indexOf(")")));
String attrName = (String) properties<i>.substring(properties<i>.indexOf(")") + 1, properties<i>.indexOf("="));
int attrValue = Integer.parseInt(properties<i>.substring(properties<i>.indexOf("=") + 1, properties<i>.indexOf(";")));
Field item = fields.getField(attrName);
if (item != null) {
item.setPosition(attrPos);
item.setVisibility(WDVisibility.valueOf(attrValue));
fields.removeFieldByName(attrName);
fields.addField(item);
return fields;
//@@end
regards,
Angelo -
Help Please. I am setting up my macbook pro for a second user but office didn't transfer over. Is there a way to have additional users on the same comp have office available without having to re-install it for each user?
mpr130 wrote:
Help Please. I am setting up my macbook pro for a second user but office didn't transfer over. Is there a way to have additional users on the same comp have office available without having to re-install it for each user?
How did you attemp to transfer Office?
OS X Lion: Set up a guest account -
I have many users logged into a Windows Server 2008 R2 Remote Desktop Server (Terminal Server) and all of them use Firefox. Each one of their profiles get very large due to their Firefox profiles.
Seems that all the space being taken up by the cache folder. (C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\Profile.default\Cache)
Is there a way to enforce a policy within the program to clear the cache for each user either each time the browser is closed or when the user logs off?when you lock the preferences with the mozilla.cfg file in the firefox program folder as it's described in the mozillazine kb article above, it should apply for all users...
-
How to allocate disk size for each user in iMac?
Hi folks,
I have iMac (Mac OS X, version 10.7.5) for Family, and each of my family member has account on it.
Now, kids download many large files (several GB size files) and HD is getting full.
So, I'd like to set maximum disk size for each user.
Could you prvide instruction how to configure disk size for each user?
Regards,
HiroI don't know of any way to do that by user.
I used to partition my HD and that sets a hard limit by partition, but by user? I don't think it can be done. -
How to check whether a file got read permissions for perticular user
Problem: Let JRE is running with some x as effective user in LINUX then while checking file permission it is checking permission on that file for that x user.
File f = new File(�file name�)
if(f.exists())
System.out.println(�exists�);
Else
System.out.println(�does not exists�);
The above code prints exists only when x user have permissions on that file
Requirement: I would like to check whether a file got read permissions for particular user i.e. whether y user got permissions on that file.
Any help is appreciatedIn Linux a user has to have read permission on a file to even see that it exists. As a result, if a user (or a group to which they belong) doesn't have read access to the file File.exists() will return false. Windows which doesn't have as tightly controlled access to files will admit that a file exists whether it can be read or not.
PS.
This is proof that I should never answer a question off the top of my head when I haven't had my red bull yet. This is wrong. You will be able to see it if you have read and execute on the directory.
thumps self in head
Message was edited by:
puckstopper31 -
Individuall shopping lists for each User - SRM-MDM 3.0
Hello everybody,
I want to implement a SAP SRM-MDM scenario with SRM-MDM 3.0. The SRM-MDM 3.0 has the poissiblity to create shopping carts for every 'MDM User'. But that's not enough for our users.
Is it possible to create different shopping lists for each user?
I already use the setting: sl_user with the attribute SY-UNAME but it doesn't work
10 http://...:50100/SRM-MDM/SRM_MDM URL
19 sl_user SY-UNAME SAP-Feld
20 username User1 Festwert
30 password <blank> Festwert
40 server s27sr7 Festwert
50 catalog SR7_MDM3_Catalog_4_Produktiv_2 Festwert
60 uilanguage SY-LANGU SAP-Feld
70 datalanguage SY-LANGU SAP-Feld
I hope anybody can help me.
Regards,
Andi@everybody: Thanks for your fast reply!
@Girish: Yes, I think we have the same problem
@Padhi: It is not a prictically solution to create every SAP SRM User (3.000) in the SAP SRM-MDM Catalog. In comparison to other catalog systems (e.g. heiler) this have to be a standard feature
@Kanth: That's correct, you can activate the shopping list option for the MDM User. But the MDM User only defines the rights and masks. For the MDM it is not necessary to login with your SAP / SAP SRM Username.
Note [1153525|https://websmp130.sap-ag.de/sap(bD1kZSZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1153525] describe the long-needed function in SRM-MDM. But it seems, that this feature only work in SRM-MDM 2.0.
Maybe anybody know anything else about this problem... I'm thankful about every hint!
Regards,
Andreas -
Files to download without any permissions for guest user.
Hello, i have created a KM Navi Iview, with path to /documents/.../...
When i go to
http://portal/irj/portal/anonymous i see a list of files, but i can copy,delete and rename files (permissions for guest are: read), how can i solve this, if i need only download permissions for guest?Hello Artem,
Please do not remove the Guest User from its groups.
The Guest User is an integral part of the "Anonymous Users" group which ultmately falls under "Everyone" Group. How did you remove Guest User as only Config tool allows you to do that.
What I suggest is make a Portal Group of Users and add all your regular users to it. Give Read/Write permission to this group. Then add only Read permissions for Anonymous Users Group.
Hope this helped. -
Default dashboard page for each user group
How can I set for each user group (or for each user) which dashboard will be opened as the deefault after login?
Can I also set the default page in that dashboard?Hi,
Under Settings->My account->Preferences->User can select his default dashboard.Is it ok?
If you dont want them to select that option,you need to redirect them...You can use that blog....
Create a table in db with two columns-User, Portalpath
In initialization blog give query to fetch Portalpath from db based on user login... Follow steps from blog...
Check this blog....http://bintelligencegroup.wordpress.com/2010/09/23/external-table-authentication/
Clear explanation for external table authentication....in the same way you cna do but take two columns user,portalpath and follow the steps in blog.
Regards,
Srikanth
Edited by: Srikanth Mandadi on Oct 7, 2010 1:44 AM
Maybe you are looking for
-
Somehow I have two apple accounts. Can I merge the two?
I am not sure why but I have two apple accounts with two different email addresses. This is causing problems with iMessages not syncing over my devices because the different email addresses cause messages to be sent to different devices so I miss me
-
Hello, I have a requirement to attach a couple of documents for each employees at my client. Those document should then be made available on SAP Portal. I know there exists some SAP solutions for document management (DMS, ArchiveLink) but I have no e
-
Question on Excel Userform when the userform is closed
Hi, I have multiple userforms in my application. When I switch from one userform to another I use unload me command to close the previous form and open the new form. What I am looking for is that when I close the form with X button (at the top right
-
Geting ORA 936 -while building dynamic query in for loop.
HI, I hav written a SP and its compiled and giving me the results for the data I am quering but giving ORA936 - missing expressin and giving ORA 6512 at 2 lines. Please help me me out where I am going wrong. CREATE OR REPLACE TYPE LIST as VARRAY(5000
-
Sorry, could someone please tell help me with the Cloud? - can I use the cloud on my iPhone and choose what I want in it - such as certain documents but not all, some pictures, some music? - do I have to have my music which is on my laptop in iTunes